Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dojo vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-6561
dijit.Editor in Dojo Toolkit 1.13 allows XSS via the onload attribute of an SVG element.
Dojotoolkit Dojo 1.13.0
NA
CVE-2023-35097
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Internet Marketing Dojo WP Affiliate Links plugin <= 0.1.1 versions.
Dojo Wp Affiliate Links
7.5
CVSSv2
CVE-2006-3560
SQL injection vulnerability in topics.php in Blue Dojo Graffiti Forums 1.0 allows remote malicious users to execute arbitrary SQL commands via the f parameter.
Blue Dojo Graffiti Forums 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2018-15494
In Dojo Toolkit prior to 1.14, there is unescaped string injection in dojox/Grid/DataGrid.
Dojotoolkit Dojo
Debian Debian Linux 8.0
7.5
CVSSv2
CVE-2021-23450
All versions of package dojo are vulnerable to Prototype Pollution via the setObject function.
Linuxfoundation Dojo
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Weblogic Server 12.2.1.4.0
Oracle Primavera Unifier 19.12
Oracle Weblogic Server 14.1.1.0.0
Oracle Primavera Unifier 20.12
Oracle Primavera Unifier 21.12
Oracle Communications Policy Management 12.6.0.0.0
Debian Debian Linux 10.0
5
CVSSv2
CVE-2020-5258
In affected versions of dojo (NPM package), the deepCopy method is vulnerable to Prototype Pollution. Prototype Pollution refers to the ability to inject properties into existing JavaScript language construct prototypes, such as objects. An attacker manipulates these attributes t...
Linuxfoundation Dojo
Debian Debian Linux 8.0
Oracle Webcenter Sites 12.2.1.3.0
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Communications Policy Management 12.5.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Primavera Unifier 19.12
Oracle Webcenter Sites 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Mysql
Oracle Primavera Unifier 20.12
Oracle Communications Pricing Design Center 12.0.0.3.0
Oracle Documaker
Oracle Communications Application Session Controller 3.9.0
5
CVSSv2
CVE-2020-5259
In affected versions of dojox (NPM package), the jqMix method is vulnerable to Prototype Pollution. Prototype Pollution refers to the ability to inject properties into existing JavaScript language construct prototypes, such as objects. An attacker manipulates these attributes to ...
Linuxfoundation Dojox
4.3
CVSSv2
CVE-2019-10785
dojox is vulnerable to Cross-site Scripting in all versions before version 1.16.1, 1.15.2, 1.14.5, 1.13.6, 1.12.7 and 1.11.9. This is due to dojox.xmpp.util.xmlEncode only encoding the first occurrence of each character, not all of them.
Linuxfoundation Dojox
Debian Debian Linux 8.0
3.5
CVSSv2
CVE-2020-4051
In Dijit prior to 1.11.11, and greater than or equal to 1.12.0 and less than 1.12.9, and greater than or equal to 1.13.0 and less than 1.13.8, and greater than or equal to 1.14.0 and less than 1.14.7, and greater than or equal to 1.15.0 and less than 1.15.4, and greater than or e...
Openjsf Dijit
Debian Debian Linux 10.0
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager -
5
CVSSv2
CVE-2010-4600
Dojo Toolkit, as used in the Web client in IBM Rational ClearQuest 7.1.1.x prior to 7.1.1.4 and 7.1.2.x prior to 7.1.2.1, allows remote malicious users to read cookies by navigating to a Dojo file, related to an "open direct" issue.
Dojofoundation Dojo Toolkit
Ibm Rational Clearquest 7.1.2
Ibm Rational Clearquest 7.1.1.1
Ibm Rational Clearquest 7.1.1.2
Ibm Rational Clearquest 7.1.1.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »